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CLAIMS 

Now, therefore, the following is claimed: 

1 1. A computer system, comprising: 

2 a display device having a screen for displaying images; and 

3 a security application defining a list of security rules for locking down 

4 resources of said computer system, said security application configured to categorize 

5 said rules into a plurality of categories and to display at least one of said categories on 

6 said screen, said security application configured to determine which of said rules are 

7 associated with said one category in response to a selection of said one category by a 

8 user of said computer system, said security application configured to display on said 

9 screen each of said rules associated with said one category in response to said 

10 selection, said security application further configured to allow said user to enable ones 

1 1 of said rules and to cause said computer system to enforce said enabled ones of said 

12 rules by modifying a machine state of said computer system. 

1 2. The computer system of claim 1, wherein said computer system further 

2 comprises memory storing various computer applications, and wherein said security 

3 application is further configured to determine which computer applications are stored 

4 in said memory and to display said categories based on a determination by said security 

5 application as to which computer applications are stored in said memory. 

1 3 . The system of claim 1 , wherein said one category is displayed on said 

2 screen by said security application in response to a selection of another category by 

3 said user. 
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4. The system of claim 1, wherein said one category is a sub-category of 
another of said categories. 

5. A system for locking down resources of computer systems, comprising: 
means for defining a list of security rules for locking down resources of a 

computer system; 

means for categorizing said rules into a plurality of categories; 
means for displaying at least one of said categories; 

means for determining, in response to a selection of said one category, which of 
said rules is associated with said one category; 

means for displaying each of said rules determined by said determining means 
to be associated with said one category; 

means for enabling ones of said rules based on user inputs; and 

means for enforcing each of said enabled rules. 
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1 6. The system of claim 5, further comprising: 

2 means for storing various computer applications; 

3 means for identifying which computer applications are stored in said storing 

4 means; and 

5 means for displaying said categories based on which computer applications are 

6 identified by said identifying means. 

1 7. The system of claim 5, further comprising: 

2 means for selecting another of said categories; and 

3 means for displaying said one category in response to a selection by said 

4 selecting means. 

1 8. The system of claim 5, wherein said one category is a sub-category of 

2 another of said categories. 
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9. A method for locking down resources of computer systems, comprising 
the steps of: 

defining a list of security rules for locking down resources of a computer 

system; 

categorizing said rules into a plurality of categories; 
displaying at least one of said categories; 

determining, in response to a selection of said one category, which of said rules 
is associated with said one category; 

displaying each of said rules determined in said determining step to be 
associated with said one category; 

enabling ones of said rules displayed via said displaying each of said rules step; 

and 

enforcing each of said enabled rules based on said enabling step. 

10. The method of claim 9, wherein said computer system has memory and 
said method further comprises the steps of: 

storing various computer applications in said memory; 
determining which computer applications are stored in said memory; and 
displaying said categories based on said determining which computer 
applications are stored in said memory step. 

1 1 . The method of claim 9, further comprising the steps of: 
selecting another of said categories; and 

displaying said one category in response to said selecting step. 
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1 12. The method of claim 9, wherein said one category is a sub-category of 

2 another of said categories. 



29 



